{"vulnerability": "CVE-2025-4392", "sightings": [{"uuid": "589c4dea-b49c-4ed8-929a-982a26337596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "exploited", "source": "https://t.me/thehackernews/6724", "content": "\ud83d\udc40 Hackers could be one path away from your sensitive files!\n\n\ud83d\udea8 New CVEs expose major flaws in Rack & Infodraw systems:\n\n\ud83d\udd39 CVE-2025-27610 lets attackers read config files & credentials via path traversal.\n\n\ud83d\udd39 Infodraw CVE-2025-43928 allows any file to be read or deleted\u2014no login needed.\n\nLearn more: https://thehackernews.com/2025/04/researchers-identify-rackstatic.html\n\n\ud83d\udd25 Exploits are trivial & patches missing. Systems in Belgium & Luxembourg already hit. Update now or go offline!", "creation_timestamp": "2025-04-25T11:00:58.000000Z"}, {"uuid": "0e1d5228-5818-4603-b6c2-7a324196ec15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114376187592491720", "content": "", "creation_timestamp": "2025-04-21T13:28:41.454736Z"}, {"uuid": "072cf96a-ac4b-43a5-831e-f7b3b994ac65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114376187592491720", "content": "", "creation_timestamp": "2025-04-21T13:28:41.609887Z"}, {"uuid": "189463e0-9012-4119-9c27-2dec9398f755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lndtv77tq72u", "content": "", "creation_timestamp": "2025-04-21T18:59:08.298869Z"}, {"uuid": "f3b46234-5e4b-436c-afeb-154f78d25617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114377680987955405", "content": "", "creation_timestamp": "2025-04-21T19:48:47.335449Z"}, {"uuid": "a30bcb87-abbd-427f-80eb-24005a6c4e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43926", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loodjhyt7qa2", "content": "", "creation_timestamp": "2025-05-08T16:48:47.383888Z"}, {"uuid": "4de81f5e-26fb-4e5b-9219-906c3497ba30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "https://t.me/cvedetector/23452", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43922 - FileWave Windows Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-43922 \nPublished : April 21, 2025, 4:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T19:49:37.000000Z"}, {"uuid": "0b5ef207-1595-4ad5-ae9f-e61615e5a399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "seen", "source": "https://t.me/cvedetector/23404", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43920 - cPanel WHM Shell Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43920 \nPublished : April 20, 2025, 1:15 a.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-20T05:21:28.000000Z"}, {"uuid": "a0764226-ae5f-4e4a-a46e-647c7b3bd23c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "seen", "source": "https://t.me/cvedetector/23402", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43921 - cPanel WHM GNU Mailman Unauthenticated List Creation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43921 \nPublished : April 20, 2025, 1:15 a.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-20T05:21:26.000000Z"}, {"uuid": "b41658b6-fbc0-4b6b-8284-91939de613b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43929", "type": "seen", "source": "https://t.me/cvedetector/23406", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43929 - Kitty Open Actions Local File Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43929 \nPublished : April 20, 2025, 3:15 a.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter). \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-20T07:52:00.000000Z"}, {"uuid": "40b70742-3413-42a5-b717-4f818eeed69e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "published-proof-of-concept", "source": "Telegram/L3w2C3-Sm7s2O3q1HAlD3oBhbAqYNCQjyvXrjx9dkERVqc4", "content": "", "creation_timestamp": "2025-04-20T05:00:06.000000Z"}, {"uuid": "cc6c1441-5628-4f11-b5a0-1565d73208e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "published-proof-of-concept", "source": "Telegram/L3w2C3-Sm7s2O3q1HAlD3oBhbAqYNCQjyvXrjx9dkERVqc4", "content": "", "creation_timestamp": "2025-04-20T05:00:06.000000Z"}, {"uuid": "1d7007f9-d8ad-40de-84fa-076d19d245bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "Telegram/hzeboNNBaj7yZ1hOkqtr9xZOg402vowIgtzOJPP89RrSkNk", "content": "", "creation_timestamp": "2025-04-21T19:30:53.000000Z"}, {"uuid": "402bf6a2-30ba-446e-92d3-4c9051bb0bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43929", "type": "published-proof-of-concept", "source": "Telegram/6BlNnQISMJjK8Pl8OU9og-Pn2243ivmYWMISvAPKSU-OHnw", "content": "", "creation_timestamp": "2025-04-20T11:00:06.000000Z"}, {"uuid": "219cc800-2e79-46fd-84c7-a591c3bcb113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114370505926628196", "content": "", "creation_timestamp": "2025-04-20T13:23:46.539442Z"}, {"uuid": "5294c350-bf3a-4a5b-9b9c-69dad475c12b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114371130210376471", "content": "", "creation_timestamp": "2025-04-20T16:02:31.493787Z"}, {"uuid": "7f3059be-42f5-4fa1-8a16-4fc790254104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "seen", "source": "https://mint-secure.de/path-traversal-vulnerability-in-surveillance-software/", "content": "", "creation_timestamp": "2025-04-22T12:15:13.664928Z"}, {"uuid": "5fff5840-8dcc-4a64-bc36-fc5e1b0e7f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:56.000000Z"}, {"uuid": "e73e04ae-aeea-4557-8e12-739e88ef9619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "seen", "source": "https://vulnerability.circl.lu/comment/a7120db2-1a20-4a03-849d-4688d5ea7992", "content": "", "creation_timestamp": "2025-04-22T12:20:06.408225Z"}, {"uuid": "5fbc07e3-69ce-425e-94f9-8f2964601720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12709", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43922\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM.\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T16:16:33.259Z\n\ud83d\udd17 References:\n1. https://kb.filewave.com/books/downloads/page/filewave-version-1603", "creation_timestamp": "2025-04-21T17:01:58.000000Z"}, {"uuid": "8a7ce947-c75d-4441-aa4e-a0e0d6f7c321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33180", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-43920: Remote Command Injection via Email Subject in GNU Mailman 2.1.39\nURL\uff1ahttps://github.com/0NYX-MY7H/CVE-2025-43920\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-20T15:30:27.000000Z"}, {"uuid": "9e52dc78-52e4-4b34-b9c0-432c86704f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33040", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-43921: Unauthorized Mailing List Creation in GNU Mailman 2.1.39\nURL\uff1ahttps://github.com/0NYX-MY7H/CVE-2025-43921\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-20T00:15:31.000000Z"}, {"uuid": "2863d18f-9174-4253-ac9f-26ed5e2084e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln7iaqp7x4r2", "content": "", "creation_timestamp": "2025-04-20T01:20:20.814403Z"}, {"uuid": "57c92c21-ed72-4a4d-91b0-156877a1f54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln7iariqato2", "content": "", "creation_timestamp": "2025-04-20T01:20:21.328902Z"}, {"uuid": "e922b1b2-b253-4b88-8f9c-d03073ba141e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114367727235548302", "content": "", "creation_timestamp": "2025-04-20T01:37:06.114388Z"}, {"uuid": "45fa4d87-bd31-4849-8fb1-a2fc4ab02ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114367727235548302", "content": "", "creation_timestamp": "2025-04-20T01:37:06.210849Z"}, {"uuid": "ddabe1d3-e33a-424b-b637-fa4158b9e7a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln7tnjwtnw2a", "content": "", "creation_timestamp": "2025-04-20T04:44:10.839202Z"}, {"uuid": "46c889ee-3b83-4e85-a9df-30dd2cd25a4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln7tnk24j22l", "content": "", "creation_timestamp": "2025-04-20T04:44:11.456321Z"}, {"uuid": "3f8d36c5-ad3e-48b0-8854-c930e9217795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln7xme3jeih2", "content": "", "creation_timestamp": "2025-04-20T05:55:21.562621Z"}, {"uuid": "799eb536-a4bd-4c04-894b-deccf7335496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43929", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln7xmgavs7c2", "content": "", "creation_timestamp": "2025-04-20T05:55:22.102402Z"}, {"uuid": "3f661a78-8b12-4675-8803-61a389110bb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lna2ebsbpb2g", "content": "", "creation_timestamp": "2025-04-20T06:44:16.063925Z"}, {"uuid": "c33e989c-3c27-4faa-8a5e-e0e7d543449d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43929", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lna2ec6kgg2l", "content": "", "creation_timestamp": "2025-04-20T06:44:17.299124Z"}, {"uuid": "cfb3249d-ef9e-45e0-b201-3ed3234dbf65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4392", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lqojh7urjl2q", "content": "", "creation_timestamp": "2025-06-03T05:07:12.072628Z"}, {"uuid": "4f266a32-5e4f-4bc5-b2e7-9e6ce4c8cc0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43925", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpn2vvd6by2", "content": "", "creation_timestamp": "2025-06-03T15:45:48.131945Z"}, {"uuid": "27d0f5d2-559a-499d-8d61-b07afb4aef34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43924", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpndniq7pj2", "content": "", "creation_timestamp": "2025-06-03T15:49:40.889440Z"}, {"uuid": "3b7b5705-ba89-40e0-9035-a28f954b82ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43923", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpndnj7psp2", "content": "", "creation_timestamp": "2025-06-03T15:49:41.630131Z"}, {"uuid": "31c3a1bb-e4e1-40a2-ab81-6f514f19f9cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43922", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:36.000000Z"}, {"uuid": "a76470a9-f44b-4079-a201-b0f874ec34bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43921", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12604", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43921\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint.\n\ud83d\udccf Published: 2025-04-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-20T00:22:45.859Z\n\ud83d\udd17 References:\n1. https://code.launchpad.net/~mailman-coders/mailman/2.1\n2. https://github.com/0NYX-MY7H/CVE-2025-43921", "creation_timestamp": "2025-04-20T01:00:34.000000Z"}, {"uuid": "52382b2f-4f8c-4a7d-be4a-e1ddaccb0a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12606", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43928\n\ud83d\udd25 CVSS Score: 5.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal administrator credentials in cleartext or with MD5 hashing.\n\ud83d\udccf Published: 2025-04-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-20T01:53:40.127Z\n\ud83d\udd17 References:\n1. https://mint-secure.de/path-traversal-vulnerability-in-surveillance-software/\n2. https://cfp.eh22.easterhegg.eu/eh22/talk/9UDXSE/", "creation_timestamp": "2025-04-20T03:02:00.000000Z"}, {"uuid": "349220c4-814c-4c9a-8581-839a881a1756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43929", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12605", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43929\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).\n\ud83d\udccf Published: 2025-04-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-20T02:23:05.648Z\n\ud83d\udd17 References:\n1. https://github.com/kovidgoyal/kitty/commit/ce5cfdd9caf44c538af800a07162e1f49bd53c35\n2. https://github.com/kovidgoyal/kitty/compare/v0.40.1...v0.41.0\n3. https://ghostwriter.kde.org/documentation/#links", "creation_timestamp": "2025-04-20T03:01:59.000000Z"}, {"uuid": "00d20e5c-ba7c-4454-b78d-da86d77bf825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43920", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12602", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43920\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line.\n\ud83d\udccf Published: 2025-04-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-20T00:27:06.822Z\n\ud83d\udd17 References:\n1. https://code.launchpad.net/~mailman-coders/mailman/2.1\n2. https://github.com/0NYX-MY7H/CVE-2025-43920", "creation_timestamp": "2025-04-20T01:00:32.000000Z"}, {"uuid": "790e3ebf-23c0-441c-9748-06dd0553b846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43926", "type": "seen", "source": "https://t.me/cvedetector/24829", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43926 - Znuny Unauthenticated User Preference Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43926 \nPublished : May 8, 2025, 4:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other function calls, which then might use these keys/values to affect permissions or other settings. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T20:07:33.000000Z"}, {"uuid": "47141fd5-e3db-4a4d-9262-342e50493810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43928", "type": "seen", "source": "https://t.me/cvedetector/23407", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43928 - Infodraw Media Relay Service File Reading Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43928 \nPublished : April 20, 2025, 3:15 a.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal administrator credentials in cleartext or with MD5 hashing. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-20T07:52:01.000000Z"}]}